SIEM Solution Design and Implementation: Designing and deploying secure, scalable Google SecOps architectures, including log ingestion pipelines and integration with existing IT infrastructure Configuring and managing log ingestion from various sources, ensuring data normalization and efficient analysis within Google SecOps. Design, Build, and Maintain SIEM Data Pipelines: Design and develop robust, scalable, and automated data pipelines to ingest, process, transform, and store security logs and events from diverse sources (e.g., servers, firewalls, applications, cloud platforms) into the SIEM platform. Develop and implement data parsing rules, enrichment processes, and data normalization techniques to ensure data quality and consistency within the SIEM. Collaborate with various teams (e.g., development, operations, cloud services) to understand logging requirements, define logging standards, and ensure the appropriate data is collected. Develop and implement best practices for SIEM and SOAR (Security Orchestration, Automation, and Response) content management and development. Troubleshoot issues related to log sources, data ingestion, parsing failures, and other SIEM platform issues. Managing access to Security Command Center features through IAM roles, allowing granular control over who can view, edit, or manage findings and assets Ensuring that Security Command Center settings are configured and maintained to support the organization's security needs. Connecting with other Google Cloud products and third-party tools for a more complete security posture Established and active employee resource groups Bachelor's degree in Computer Science, Cyber Security, Information Systems or related field. 8+ years of overall software engineering experience Experience with security logging, data sources, and industry best practices for log ingestion Experience in log parsing, custom rule creation, and developing actionable alerts Proficiency in scripting languages like Python, Go, Java, or Bash for automation, data manipulation, and integration tasks. Hands-on experience setting up CI/CD pipelines. OpenShift Tekton, or GitHub Actions, or alike Knowledge of secure coding practices Experience setting up serverless functions using GCP Cloud Run or Cloud functions, and configuring the respective cloud provider for scaling Robust knowledge of system design principles including reliability, availability, and scalability Experience setting up logging and monitoring services (Dynatrace, GCP Ops Suites) Strong understanding of network security, log analysis, threat detection, and incident response. Knowledge of RESTful APIs, data integration techniques, and infrastructure-as-code tools (e.g., Terraform, Ansible). Analytical and Problem-Solving Skills: Ability to analyze complex data systems, identify improvement opportunities, and translate business requirements into detailed technical designs. Excellent analytical skills and attention to detail for solving complex problems with many variables. Communication and Collaboration: Strong verbal and written communication skills to articulate technical issues, collaborate with stakeholders, and create comprehensive documentation. Ability to work effectively in a team environment and interact with various internal and external teams. Comfortable supporting multiple client environments and balancing delivery with operations. Familiarity with security concepts, cybersecurity frameworks such as NIST, MITRE ATT&CK threat hunting, and cyber threat intelligence. Strong technical experience working in multi-cloud platforms, particularly Google Cloud. Relevant industry certifications (e.g., CISSP, CISA, GCIH, GCIA, CompTIA Security+, CEH) are highly valued. GCP Professional certifications like Security Engineer, Cloud Engineer/Architect are a strong plus. https://fordcareers.co/GSR-HTHD This position is a range of salary grades 7-8. Visa sponsorship is not available for this position. Verification of employment eligibility will be required at the time of hire. We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660. LI-Hybrid
